The identification and correction of security vulnerabilities is a large area of research and investigation in information security. In particular, many resources are expended to protect the data and services that are hosted by cloud services and network-connected information providers. Various approaches are currently used to identify security vulnerabilities and issues in network-accessible software applications and services, with the goal to identify correct the vulnerabilities and issues before they can be exploited by a malicious actor. However, existing security testing and security verification techniques are often insufficient to stay ahead of all malicious actors.
For example, security verification of a service or infrastructure may be performed manually with a penetration testing team, commonly referred to as a “red team”, in contrast to a “blue team” that attempts to protect the service and patch vulnerabilities. Red teams may develop scenarios to exploit known vulnerabilities and find new vulnerabilities that a malicious attacker might use to compromise the service, to simulate real-life incidents so that the blue team can exercise incident response and detection. Further, red teams often expend resources to develop and identify stealthier ways of running malicious code onto target boxes. However, due to the manual nature of penetration testing, and the large amount of resources and expertise needed to successfully deploy simulated attacks, security testing performed by red teams may occur infrequently.